Please register to access this content.
To continue viewing the content you love, please sign in or create a new account
This content is for our paying subscribers only

Ticketmaster hack: How millions of users were exposed in major data breach and what happens next

Hackers demand $500K ransom, threaten to sell data; FBI offers to assist investigation

Live Nation Entertainment and Ticketmaster logos. Live Nation is working with law enforcement to investigate the breach and mitigate risks to users.
Image Credit: Reuters

In May 2024, Ticketmaster, the giant of online ticketing, was rocked by a cyberattack. Hackers infiltrated a third-party cloud database used by Ticketmaster, potentially compromising the data of millions of users. This event serves as a stark reminder of the ever-present threat of hacking in our digital world.

What happened?

Live Nation, Ticketmaster's parent company, discovered "unauthorized activity" within a cloud database on May 20th, 2024. Shortly after, a hacking group called ShinyHunters claimed responsibility for the breach. They alleged possession of 1.3 terabytes of data, potentially including names, addresses, phone numbers, order details, and even some credit card information for over 560 million Ticketmaster users. The hackers reportedly demanded a ransom of $500,000.

Live Nation says hacker is trying to sell user data on dark web

Live Nation said its Ticketmaster database may have been hacked by someone who's now offering to sell customer data on the dark web, a hidden part of the internet used for illegal activities.

The company notified law enforcement about the possible breach and is cooperating, according to a regulatory filing on Friday. It first detected unauthorized activity on May 20 and launched an investigation with industry leading forensic investigators. On May 27, a "criminal threat actor offered what is alleged to be company data for sale via the dark web."

Notorious ShinyHunters

ShinyHunters burst into notoriety in 2020-21 when it put up huge troves of customer records from more than 60 companies, according to the US Department of Justice.


In January, a court in Seattle jailed Sebastien Raoult, a French computer hacker who was a member ShinyHunters.

He was sentenced to three years in prison and ordered to pay more than $5 million in restitution after pleading guilty to conspiracy to commit wire fraud and aggravated identity theft.

Alleged monopoly held by Live Nation Entertainment and Ticketmaster 

The US Department of Justice last week filed a major antitrust lawsuit seeking to break up an alleged monopoly held by Live Nation Entertainment and its Ticketmaster subsidiary in the live music industry.

Ticketmaster's pricing practices, with high fees and lack of alternatives, have long been a political issue in the United States, with little done historically to open up the market to more competition.

Live Nation was sued last week by the US government, which accused the company of monopolistic practices. The company has denied the claims.


Understanding hacking

Hacking refers to the gaining of unauthorized access to a computer system or network. Hackers employ various techniques to achieve their goals, which can range from stealing data or disrupting operations to installing malware (malicious software) or launching cyberattacks. In the Ticketmaster case, hackers likely exploited vulnerabilities in the cloud database to gain access to user information.

The impact of the breach

The full extent of the Ticketmaster hack is still under investigation. However, the potential consequences are significant. Millions of users could be at risk of identity theft, fraud, or phishing scams. Phishing scams involve emails or messages that appear to be from legitimate sources, tricking users into revealing personal information or clicking on malicious links.

Ticketek says new hack breaches Australian client data

Entertainment booking site Ticketek Australia says it is investigating a cyberattack that accessed customer data, just days after a separate hack came to light at US-based global events giant Ticketmaster.

The breach may have "impacted" Ticketek Australia customers' names, dates of birth and email addresses, which were stored in a cloud-based platform hosted by a third party, it said in a statement.

The firm did not say how many people were affected but the government said the incident may have impacted "many Australians".


Ticketek said passwords and its online payment system were securely encrypted and had not been compromised. The company had put "every resource" into investigating the incident over the past few days, it said. "We have already commenced notifying those customers who may have been impacted," the company added.

Ticketek, a separate company to Ticketmaster, also hacked

Ticketek is a separate company to California-based concert booking site Ticketmaster, which was revealed this week to be the victim of a potentially major data breach.

A hacking group known as ShinyHunters claimed to have accessed the information of 560 million Ticketmaster customers around the world.

The well-known hacking group posted evidence on May 27 of the hack on the dark web, according to a screenshot shared widely on social media.

In a filing with the US Securities and Exchange Commission, Ticketmaster's parent company, Live Nation Entertainment, said Friday it had "identified unauthorized activity within a third-party cloud database environment".


FBI offers help in Ticketmaster hacking 'incident': US official

The FBI has offered assistance to Australian authorities after a hacking group claimed to have accessed the details of 560 million customers worldwide, a US Embassy spokesperson told AFP Thursday.

Hacking group the ShinyHunters earlier posted details of their alleged breach on the dark web along with an offer to sell the information for US$500,000 - sparking an investigation by Australian authorities.

What you can do

If you're a Ticketmaster user, here are some steps you can take to protect yourself:

Change your password: Create a strong, unique password for your Ticketmaster account and avoid using the same password for other online services.

Monitor your accounts: Regularly check your bank statements and credit card reports for any suspicious activity.


Beware of phishing scams: Be cautious of emails or messages claiming to be from Ticketmaster. Never click on links or attachments from unknown senders.

Enable two-factor authentication: If available, enable two-factor authentication (2FA) for your Ticketmaster account. This adds an extra layer of security by requiring a code from your phone in addition to your password when logging in.

The aftermath

Live Nation is working with law enforcement to investigate the breach and mitigate risks to users. While the company claims the incident may not significantly impact its operations, the potential damage to user privacy and trust is significant. This event highlights the importance of strong cybersecurity practices by both businesses and individuals.